<?php
/*
 * This is where the site administrator can approve/deny new users
 * This HTML is inserted into the Dashboard page using JQuery
 */
require_once('includes/dbfunctions.php');

// Visitors without a 'User' entry in the session are shown the login page
// instead, and nothing further in this file runs for them.
if (isset($_SESSION['User']) === false) {
    require 'login.php';
    exit();
}

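// Only administrators may use this page. The check fails closed: a missing or
// empty Admin flag is treated the same as '0' (not an admin).
if (empty($_SESSION['Admin']) || $_SESSION['Admin'] == '0') {
    // Client-side redirect, as before; the file header says this fragment is
    // inserted into the Dashboard page with jQuery.
    echo("<script>location.href='index.php?msg=accessdenied'</script>");
    // Stop here. Echoing the redirect does not end the request, so without
    // this exit the approve/deny handler further down would still run for a
    // logged-in non-admin who posts to this URL directly.
    exit;
}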

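// Handle an approve/deny submission.
//
// State-changing actions are gated on the Admin session flag here as well, so
// that this handler does not depend on an earlier check having ended the
// request for a non-admin.
//
// NOTE(review): no anti-CSRF token is verified before approveUser()/denyUser()
// run. An admin's browser could be made to submit this form from another site;
// add a per-session token to the form and compare it here with hash_equals().
// NOTE(review): approveUser()/denyUser() are not defined in this file
// (presumably includes/dbfunctions.php). Confirm they bind these values as
// query parameters rather than concatenating them into SQL.
if ($_POST && !empty($_SESSION['Admin']) && $_SESSION['Admin'] != '0')
{
    // Only plain string fields are accepted; array-valued fields
    // (e.g. record[]=...) are treated as missing.
    $action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';
    $id = (isset($_POST['record']) && is_string($_POST['record'])) ? trim($_POST['record']) : '';

    // An empty record id means no row was selected; do not call the database
    // helpers with it.
    if ($id !== '')
    {
        if ($action === "Approve")
        {
            // The form in this file names its checkboxes admin<ID>/pub<ID>/
            // author<ID>; the plain admin/pub/author keys read here are
            // presumably filled in by the jQuery submit code - TODO confirm.
            // A missing flag is passed on as null, as before, but without the
            // undefined-index notice.
            $adminFlag = (isset($_POST['admin']) && is_string($_POST['admin'])) ? $_POST['admin'] : null;
            $pubFlag = (isset($_POST['pub']) && is_string($_POST['pub'])) ? $_POST['pub'] : null;
            $authorFlag = (isset($_POST['author']) && is_string($_POST['author'])) ? $_POST['author'] : null;

            //approve the user
            approveUser($id, $adminFlag, $pubFlag, $authorFlag);
            //TODO Send the email to the user that they've been approved
        }
        elseif ($action === "Deny")
        {
            //deny the user
            denyUser($id);
            //TODO Send the email to the user that they've been denied
        }
    }
}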
?>
<h3>Users awaiting approval</h3>
<form name="approveUsers" method="" action="">
<input type="hidden" name="record" id="record" />
<table width="700" id="userApprove">

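<?php
// Look up all users in the database needing approval.
$output = adminDash(0);
// If we have any, generate the display table headers. count() needs an array,
// so any other return value from adminDash() is treated as "no pending users".
if (is_array($output) && count($output) > 0)
{
    ?>
    <tr> <td colspan="5">
            <span class="admin_success">Approvals Successful</span>
            <span class="admin_error">Error, no permissions selected</span>

        </td>
    </tr>
    <tr>
        <th scope="col">Username</th>
        <th scope="col">Name</th>
        <th colspan="3" scope="col">Permissions</th>
        <th scope="col">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Action</th>
    </tr>
    <tr>
        <td scope="col">&nbsp;</td>
        <td scope="col">&nbsp;</td>
        <td scope="col">Admin</td>
        <td scope="col">Publisher</td>
        <td scope="col">Author</td>
        <td scope="col">&nbsp;</td>
    </tr>

      <?php

      // One table row per pending user. Every value taken from the row is
      // HTML-escaped before it is written out: these rows describe accounts
      // awaiting approval (presumably self-registered - verify against the
      // signup code), and this page is rendered in an administrator's session,
      // so unescaped markup here would execute with admin privileges.
      foreach ($output as $row)
      {
          $id = htmlspecialchars((string) $row['ID'], ENT_QUOTES, 'UTF-8');
          $admin = htmlspecialchars((string) $row['Admin'], ENT_QUOTES, 'UTF-8');
          $pub = htmlspecialchars((string) $row['Publisher'], ENT_QUOTES, 'UTF-8');
          $author = htmlspecialchars((string) $row['Author'], ENT_QUOTES, 'UTF-8');
          $email = htmlspecialchars((string) $row['Email'], ENT_QUOTES, 'UTF-8');
          $name = htmlspecialchars($row['First'].' '.$row['Last'], ENT_QUOTES, 'UTF-8');

          // The id is also placed inside a JavaScript string within an onclick
          // attribute. HTML-escaping alone is not enough there, because the
          // browser decodes the attribute before parsing the script. Encode it
          // as a JS string literal first, then escape that for the attribute.
          $jsId = json_encode((string) $row['ID'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
          if ($jsId === false)
          {
              // json_encode() failed (e.g. invalid UTF-8): fall back to an empty string literal.
              $jsId = '""';
          }
          $jsId = htmlspecialchars($jsId, ENT_QUOTES, 'UTF-8');

          echo ("<tr>");
          echo ("<td scope=\"col\">".$email."</td>");
          echo ("<td scope=\"col\">".$name."</td>");

          // Permission checkboxes, pre-ticked when the stored flag is '1'.
          $adminChecked = ($row['Admin'] == '1') ? "checked=\"checked\" " : "";
          echo ("<td scope=\"col\"><input type=\"checkbox\" id=\"admin$id\" name=\"admin$id\" value=\"$admin\" ".$adminChecked."/></td>");

          $pubChecked = ($row['Publisher'] == '1') ? "checked=\"checked\" " : "";
          echo ("<td scope=\"col\"><input type=\"checkbox\" id=\"pub$id\" name=\"pub$id\" value=\"$pub\" ".$pubChecked."/></td>");

          // The original emitted a stray </input> closing tag in this cell; removed.
          $authorChecked = ($row['Author'] == '1') ? "checked=\"checked\" " : "";
          echo ("<td scope=\"col\"><input type=\"checkbox\" id=\"author$id\" name=\"author$id\" value=\"$author\" ".$authorChecked."/></td>");

          echo ('<td scope="col">');

          // Both buttons copy this row's id into the hidden "record" field before submitting.
          echo ("<input type=\"submit\" class=\"action\" name=\"action\" value=\"Approve\" onclick=\"document.approveUsers.record.value=$jsId;\" />");
          echo ("&nbsp;&nbsp;");
          echo ("<input type=\"submit\" class=\"action\" name=\"action\" value=\"Deny\" onclick=\"document.approveUsers.record.value=$jsId;\" /></td>");
          echo ("</tr>\n");
      }
  }
  ?>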
</table>
</form>
